Key Takeaways
- Chinese state‑linked actors are intensifying cyber campaigns to steal U.S. artificial‑intelligence (AI) technology, aiming to close a three‑ to four‑month AI gap.
- Attacks have moved beyond classic trade‑secret theft to broader intelligence gathering, including product roadmaps, supply‑chain weaknesses, and human‑level vulnerabilities.
- CrowdStrike reported that Chinese entities were responsible for more than half of state‑sponsored intrusions against tech firms in the year ending March 31.
- High‑profile cases involve Anthropic’s accusations against Alibaba, Copyleaks’ findings that DeepSeek’s R1 model mirrors ChatGPT outputs, and a disputed insider threat at Agentiq Capital.
- Start‑ups are especially vulnerable because they lack the cybersecurity resources of larger firms, creating a “cyber poverty line” that attackers exploit via social engineering and targeting new hires.
- U.S. government responses include FBI investigations, technology export controls, and initiatives like Anthropic’s Claude Corps, while China offers subsidies, free computing power, and rent‑free office space to its AI start‑ups.
- Experts caution that distinguishing state‑directed espionage from corporate or individual efforts remains difficult, and the AI race narrative can shape policy and market decisions beyond the actual threat level.
Rising Chinese Cyber Espionage Targeting AI
U.S.-based cybersecurity leader CrowdStrike has warned that Chinese‑based entities are increasingly focusing their cyberattacks on stealing American artificial‑intelligence technology. As the global AI race accelerates, the People’s Republic of China seeks to narrow the estimated three‑ to four‑month technological advantage that the United States currently holds. Rather than isolating a single piece of proprietary hardware or code, attackers are broadening their scope to collect any information that could erode that lead—ranging from detailed product roadmaps to subtle weaknesses in supply chains.
From Trade Secrets to Broad Intelligence Gathering
Matt Pearl, director of the strategic technologies program at the Center for Strategic and International Studies, explained that the hackers’s shift reflects a strategic change: instead of hunting for a specific trade secret such as a chip design, Chinese actors now aim for a holistic view of a target’s AI ecosystem. Understanding a company’s upcoming product releases, its partnership networks, and even internal workflows can provide the insights needed to accelerate domestic AI development. This wider net makes detection harder and increases the value of each successful intrusion.
CrowdStrike’s Data Shows a Dominant Share
In its June report covering the twelve months through March 31, CrowdStrike revealed that Chinese entities accounted for more than half of all state‑sponsored intrusions directed at technology companies, with a particular emphasis on AI assets. The statistic underscores the scale of the problem and signals that Beijing’s cyber espionage apparatus is now a primary driver of threats against the U.S. tech sector.
Anthropic’s Allegations Against Alibaba
American AI start‑up Anthropic has publicly accused Chinese firms, including Alibaba, of attempting to illicitly copy its AI capabilities. Although Alibaba has not responded to requests for comment, the accusation adds to a growing list of U.S. companies claiming that Chinese actors are seeking to replicate or undermine their proprietary models. Such claims, while difficult to verify independently, contribute to the perception of a systematic effort to erode U.S. AI leadership.
Copyleaks Finds Striking Similarities Between Models
Copyleaks, a U.S.-based AI‑content detection startup, reported that the outputs generated by the Chinese startup DeepSeek’s R1 model resembled those of OpenAI’s ChatGPT approximately three‑quarters of the time. CEO Alon Yamin noted that this level of stylistic concordance has not been observed in other large language models, suggesting that DeepSeek may have trained its system on data derived from U.S.-developed models. Neither DeepSeek nor OpenAI have commented on the findings.
A Contested Insider Threat at Agentiq Capital
Brian Abbott, founder and CEO of U.S. start‑up Agentiq Capital, told CNBC that an employee he hired from China last year appeared to be an agent of Beijing who deliberately altered code and website language to thwart the company’s fundraising efforts. Abbott claimed the worker replaced references to “ASI” (artificial superintelligence) with the less‑favored term “fintech,” thereby discouraging venture‑capital interest. The individual was later dismissed, and Agentiq filed a complaint with the FBI; however, CNBC could not independently verify the allegation.
FBI Warns of Economic Espionage Costs
The Federal Bureau of Investigation characterized China’s economic‑espionage campaign as a continuing threat that costs the American economy hundreds of billions of dollars annually and jeopardizes national security. The FBI said it prioritizes investigations into any suspected theft of U.S. technology by foreign actors and remains committed to defending the homeland from such incursions.
Distinguishing State‑Sponsored from Corporate Activity
Graham Webster, editor‑in‑chief of Stanford University’s DigiChina Project, cautioned that attributing cyber intrusions directly to the Chinese state can be challenging. He noted that the line between state‑directed espionage and independent corporate or individual efforts is often blurry, complicating policy responses. Webster also observed that the narrative surrounding Chinese AI is amplified by U.S. companies preparing for major initial public offerings, which can skew perceptions of risk versus reality.
Start‑Ups Face a “Cyber Poverty Line”
Cliff Steinhauer, director of information security and engagement at the National Cybersecurity Alliance, warned that the AI boom has created a “cyber poverty line” where small businesses lack the financial and technical resources of larger firms to defend against sophisticated attacks. Human vulnerabilities—especially social‑engineering tactics amplified by AI‑generated content—pose a significant risk. Attackers frequently target newly hired or contracted employees, hoping to exploit their limited familiarity with corporate security protocols to gain access to valuable AI models.
New Employees as Prime Targets
Copyleaks’ Yamin echoed this concern, stating that his firm has observed numerous cases where new hires become immediate targets of cyberattacks aimed at exfiltrating AI models. He anticipates that such incidents will increase as attackers refine their use of AI‑driven phishing and impersonation campaigns.
Government and Corporate Initiatives Shape the Landscape
In response, Anthropic launched its Claude Corps program on June 11, aiming to train 1,000 individuals in AI and pair them with U.S. non‑profits. Meanwhile, Chinese policymakers have rolled out substantial support for domestic AI start‑ups, including free or subsidized computing power and rent‑free office space. Isaac Stone Fish, founder of consultancy Strategy Risks, argued that while Beijing’s focus often lands on large corporations, start‑ups remain especially exposed because they typically lack dedicated cyber‑expertise. He noted that Chinese attempts to acquire U.S. AI technology have intensified over the past 18 months, spurred by the release of DeepSeek’s model, which reignited the Sino‑American AI rivalry.
Balancing Innovation with Security
For start‑ups, the challenge lies in maintaining rapid innovation while instituting adequate security measures. Abbott reflected that the employee he hired initially offered to work for free before receiving a modest stipend plus stock options—a cost structure many fledgling firms cannot sustain if they were to pay market rates for all talent. He stressed the need to “secure our economy of start‑ups stateside,” implying that policymakers and industry leaders must develop affordable, scalable defenses tailored to the resource constraints of emerging companies.
Conclusion
The evidence points to a growing, multifaceted threat from China‑based actors seeking to close the AI gap through cyber espionage that blends technical intrusion with human‑level manipulation. While large corporations can marshal significant defensive budgets, start‑ups operate under tighter constraints, making them attractive targets. Addressing this risk will require a combination of improved threat intelligence, targeted support for small‑business cybersecurity, and continued vigilance from both government agencies and the private sector. Only by securing the innovative engine of the U.S. startup ecosystem can the nation hope to preserve its lead in the global AI race.

